The vishing caper (also called “voice phishing,” or “phone spearphishing”) that enabled takeover of more than a hundred high-profile Twitter accounts is apparently serving as a template for other attacks. WIRED reports that a growing number of organizations are experiencing similar, copycat approaches, with varying but disturbing degrees of success. ZeroFox sees the uptick affecting not only corporations, but social media influencers as well. The security firm recommends a mix of training, policy, and technical defenses: “training and education, monitoring and pre-emptive blocking of problem domains, SSO auditing, and employing role-based access best practices for internal panels.”
Guardicore has found a peer-to-peer Linux botnet, “FritzFrog,” which it describes as sophisticated, fileless, evasive, proprietary, and aggressive. It could be used to deliver a range of payloads, but so far it seems to have been engaged mostly in cryptojacking systems to mine Monero.
Trustwave’s SpiderLabs reports finding five uninstaller versions for the GoldenSpy backdoor, which is carried by tax software that companies doing business in China are required to use.
The US Senate Select Committee on Intelligence has released the final volume of its report on Russian interference with the 2016 election. It found that President Putin directed the campaign and set its goals (generally disruptive, but specifically anti-Clinton), that (despite troubling behavior by sometime Trump consigliere Paul Manafort) there was no collusion between the Trump campaign and Russian intelligence services, and that the FBI made loose and careless use of the retrospectively implausible Steele dossier. Democrats emphasize Manafort, Republicans the FBI.